
Answer
HIPAA provides protection of Personal Health Information (PHI). In non-governmental audits, a CPA would usually be required to enter into a Business Associate Agreement pursuant to 45 CFR 160.103 in order to have access to the reports containing PHI.
However, in this case, because the CPA is auditing the District under the LLA’s audit authority, the HIPAA audit exception (see 45 CFR § 164.512) applies. There is no AG opinion on point regarding HIPAA, but there are AG opinions concerning the disclosure of confidential tax information under the Audit Law that are analogous. (See AG Op. No. 07-0168, where the AG opines that “[i]n light of the fact that R.S. 24:513 allows for audits to be performed by independent certified public accountants, it is our opinion that the ability of a political subdivision to disclose confidential tax information to the Legislative Auditor also extends to an independent certified public accountant performing an audit of the political subdivision pursuant to R.S. 24:513.”) By the same token, because R.S. 24:513 allows for audits to be performed by Independent CPAs, the ability of a political subdivision to disclose HIPAA PHI to the LLA also extends to the ICPA performing the audit of the political subdivision pursuant to R.S. 24:513.
Therefore, given the law and AG opinions, it appears that a CPA should be given access to the full report in performing audits of the political subdivision; however, the information contained therein shall be maintained as confidential pursuant to the requirements of R.S. 24:513 (G) & (I).
Louisiana Legislative Auditor website: 04/05/2026 09:04:51 AM